-diff -urpa shadow-4.8.orig/lib/getdef.c shadow-4.8/lib/getdef.c
---- shadow-4.8.orig/lib/getdef.c 2019-12-01 18:02:43.000000000 +0100
-+++ shadow-4.8/lib/getdef.c 2019-12-15 23:52:32.683000000 +0100
-@@ -89,7 +89,6 @@ static struct itemdef def_table[] = {
+diff -urpa shadow-4.15.1.orig/lib/getdef.c shadow-4.15.1/lib/getdef.c
+--- shadow-4.15.1.orig/lib/getdef.c 2024-03-23 21:32:25.000000000 +0100
++++ shadow-4.15.1/lib/getdef.c 2024-04-02 13:16:27.781730965 +0200
+@@ -83,7 +83,6 @@ static struct itemdef def_table[] = {
{"ENV_PATH", NULL},
{"ENV_SUPATH", NULL},
{"ERASECHAR", NULL},
{"FAKE_SHELL", NULL},
{"GID_MAX", NULL},
{"GID_MIN", NULL},
-diff -urpa shadow-4.8.orig/src/login.c shadow-4.8/src/login.c
---- shadow-4.8.orig/src/login.c 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/src/login.c 2019-12-15 23:52:32.684000000 +0100
-@@ -536,7 +536,6 @@ int main (int argc, char **argv)
- #if defined(HAVE_STRFTIME) && !defined(USE_PAM)
- char ptime[80];
- #endif
-- unsigned int delay;
- unsigned int retries;
- bool subroot = false;
- #ifndef USE_PAM
-@@ -561,6 +560,7 @@ int main (int argc, char **argv)
- pid_t child;
- char *pam_user = NULL;
+diff -urpa shadow-4.15.1.orig/src/login.c shadow-4.15.1/src/login.c
+--- shadow-4.15.1.orig/src/login.c 2024-03-24 00:33:29.000000000 +0100
++++ shadow-4.15.1/src/login.c 2024-04-02 13:17:10.550309495 +0200
+@@ -489,7 +489,6 @@ int main (int argc, char **argv)
+ const char *tmptty;
+ const char *cp;
+ const char *tmp;
+- unsigned int delay;
+ unsigned int retries;
+ unsigned int timeout;
+ struct passwd *pwd = NULL;
+@@ -500,6 +499,7 @@ int main (int argc, char **argv)
+ pid_t child;
#else
-+ unsigned int delay;
+ bool is_console;
++ unsigned int delay;
struct spwd *spwd = NULL;
- #endif
- /*
-@@ -723,7 +723,6 @@ int main (int argc, char **argv)
+ # if defined(ENABLE_LASTLOG)
+ char ptime[80];
+@@ -667,7 +667,6 @@ int main (int argc, char **argv)
}
environ = newenvp; /* make new environment active */
retries = getdef_unum ("LOGIN_RETRIES", RETRIES);
#ifdef USE_PAM
-@@ -739,8 +738,7 @@ int main (int argc, char **argv)
+@@ -683,8 +682,7 @@ int main (int argc, char **argv)
/*
* hostname & tty are either set to NULL or their correct values,
*
* PAM_RHOST and PAM_TTY are used for authentication, only use
* information coming from login or from the caller (e.g. no utmp)
-@@ -749,10 +747,6 @@ int main (int argc, char **argv)
+@@ -693,10 +691,6 @@ int main (int argc, char **argv)
PAM_FAIL_CHECK;
retcode = pam_set_item (pamh, PAM_TTY, tty);
PAM_FAIL_CHECK;
-#endif
/* if fflg, then the user has already been authenticated */
if (!fflg) {
- unsigned int failcount = 0;
-@@ -793,12 +787,6 @@ int main (int argc, char **argv)
+ char hostn[256];
+@@ -734,12 +728,6 @@ int main (int argc, char **argv)
bool failed = false;
failcount++;
retcode = pam_authenticate (pamh, 0);
-@@ -1088,14 +1076,17 @@ int main (int argc, char **argv)
+@@ -1029,14 +1017,17 @@ int main (int argc, char **argv)
free (username);
username = NULL;
+++ /dev/null
-diff -urpa shadow-4.8.orig/libmisc/chkname.c shadow-4.8/libmisc/chkname.c
---- shadow-4.8.orig/libmisc/chkname.c 2019-10-05 03:23:58.000000000 +0200
-+++ shadow-4.8/libmisc/chkname.c 2019-12-15 23:50:06.137000000 +0100
-@@ -55,21 +55,28 @@ static bool is_valid_name (const char *n
- }
-
- /*
-- * User/group names must match [a-z_][a-z0-9_-]*[$]
-+ * User/group names must match gnu e-regex:
-+ * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
-+ *
-+ * as a non-POSIX, extension, allow "$" as the last char for
-+ * sake of Samba 3.x "add machine script"
- */
--
-- if (('\0' == *name) ||
-- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
-+ if ( ('\0' == *name) ||
-+ !((*name >= 'a' && *name <= 'z') ||
-+ (*name >= 'A' && *name <= 'Z') ||
-+ (*name >= '0' && *name <= '9') ||
-+ (*name == '_') || (*name == '.')
-+ )) {
- return false;
- }
-
- while ('\0' != *++name) {
-- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
-- ( ('0' <= *name) && ('9' >= *name) ) ||
-- ('_' == *name) ||
-- ('-' == *name) ||
-- ( ('$' == *name) && ('\0' == *(name + 1)) )
-- )) {
-+ if (!( (*name >= 'a' && *name <= 'z') ||
-+ (*name >= 'A' && *name <= 'Z') ||
-+ (*name >= '0' && *name <= '9') ||
-+ (*name == '_') || (*name == '.') || (*name == '-') ||
-+ (*name == '$' && *(name + 1) == '\0')
-+ )) {
- return false;
- }
- }
-diff -urpa shadow-4.8.orig/man/groupadd.8.xml shadow-4.8/man/groupadd.8.xml
---- shadow-4.8.orig/man/groupadd.8.xml 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/man/groupadd.8.xml 2019-12-15 23:41:44.562000000 +0100
-@@ -273,12 +273,6 @@
- <refsect1 id='caveats'>
- <title>CAVEATS</title>
- <para>
-- Groupnames must start with a lower case letter or an underscore,
-- followed by lower case letters, digits, underscores, or dashes.
-- They can end with a dollar sign.
-- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
-- </para>
-- <para>
- Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long.
- </para>
- <para>
-diff -urpa shadow-4.8.orig/man/man8/groupadd.8 shadow-4.8/man/man8/groupadd.8
---- shadow-4.8.orig/man/man8/groupadd.8 2019-12-01 18:45:34.000000000 +0100
-+++ shadow-4.8/man/man8/groupadd.8 2019-12-15 23:41:44.563000000 +0100
-@@ -197,9 +197,7 @@ Shadow password suite configuration\&.
- .RE
- .SH "CAVEATS"
- .PP
--Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
--.PP
--Groupnames may only be up to 16 characters long\&.
-+Groupnames may only be up to 32 characters long\&.
- .PP
- You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&.
- .PP
-diff -urpa shadow-4.8.orig/man/man8/useradd.8 shadow-4.8/man/man8/useradd.8
---- shadow-4.8.orig/man/man8/useradd.8 2019-12-01 18:45:38.000000000 +0100
-+++ shadow-4.8/man/man8/useradd.8 2019-12-15 23:41:44.563000000 +0100
-@@ -226,7 +226,7 @@ is not enabled, no home directories are
- .PP
- \fB\-M\fR, \fB\-\-no\-create\-home\fR
- .RS 4
--Do no create the user\*(Aqs home directory, even if the system wide setting from
-+Do not create the user\*(Aqs home directory, even if the system wide setting from
- /etc/login\&.defs
- (\fBCREATE_HOME\fR) is set to
- \fIyes\fR\&.
-@@ -440,8 +440,6 @@ Similarly, if the username already exist
- \fBuseradd\fR
- will deny the user account creation request\&.
- .PP
--Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
--.PP
- Usernames may only be up to 32 characters long\&.
- .SH "CONFIGURATION"
- .PP
-diff -urpa shadow-4.8.orig/man/useradd.8.xml shadow-4.8/man/useradd.8.xml
---- shadow-4.8.orig/man/useradd.8.xml 2019-10-05 03:23:58.000000000 +0200
-+++ shadow-4.8/man/useradd.8.xml 2019-12-15 23:41:44.563000000 +0100
-@@ -366,7 +366,7 @@
- </term>
- <listitem>
- <para>
-- Do no create the user's home directory, even if the system
-+ Do not create the user's home directory, even if the system
- wide setting from <filename>/etc/login.defs</filename>
- (<option>CREATE_HOME</option>) is set to
- <replaceable>yes</replaceable>.
-@@ -661,12 +661,6 @@
- </para>
-
- <para>
-- Usernames must start with a lower case letter or an underscore,
-- followed by lower case letters, digits, underscores, or dashes.
-- They can end with a dollar sign.
-- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
-- </para>
-- <para>
- Usernames may only be up to 32 characters long.
- </para>
- </refsect1>
-diff -urpa shadow-4.8.orig/libmisc/find_new_gid.c shadow-4.8/libmisc/find_new_gid.c
---- shadow-4.8.orig/libmisc/find_new_gid.c 2019-10-13 04:52:08.000000000 +0200
-+++ shadow-4.8/libmisc/find_new_gid.c 2019-12-15 23:40:29.745000000 +0100
-@@ -61,8 +61,8 @@ static int get_ranges (bool sys_group, g
+diff -urpa shadow-4.15.1.orig/lib/find_new_gid.c shadow-4.15.1/lib/find_new_gid.c
+--- shadow-4.15.1.orig/lib/find_new_gid.c 2024-03-01 02:50:52.000000000 +0100
++++ shadow-4.15.1/lib/find_new_gid.c 2024-04-02 12:50:48.196919001 +0200
+@@ -40,8 +40,8 @@ static int get_ranges (bool sys_group, g
/* A requested ID is allowed to be below the autoselect range */
*preferred_min = (gid_t) 1;
- /* Get the minimum ID range from login.defs or default to 101 */
-- *min_id = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL);
+- *min_id = getdef_ulong ("SYS_GID_MIN", 101UL);
+ /* Get the minimum ID range from login.defs or default to 10 */
-+ *min_id = (gid_t) getdef_ulong ("SYS_GID_MIN", 10UL);
++ *min_id = getdef_ulong ("SYS_GID_MIN", 10UL);
/*
* If SYS_GID_MAX is unspecified, we should assume it to be one
-diff -urpa shadow-4.8.orig/libmisc/find_new_uid.c shadow-4.8/libmisc/find_new_uid.c
---- shadow-4.8.orig/libmisc/find_new_uid.c 2019-10-13 04:52:08.000000000 +0200
-+++ shadow-4.8/libmisc/find_new_uid.c 2019-12-15 23:40:29.746000000 +0100
-@@ -61,8 +61,8 @@ static int get_ranges (bool sys_user, ui
+diff -urpa shadow-4.15.1.orig/lib/find_new_uid.c shadow-4.15.1/lib/find_new_uid.c
+--- shadow-4.15.1.orig/lib/find_new_uid.c 2024-03-01 02:50:52.000000000 +0100
++++ shadow-4.15.1/lib/find_new_uid.c 2024-04-02 12:51:12.513247551 +0200
+@@ -40,8 +40,8 @@ static int get_ranges (bool sys_user, ui
/* A requested ID is allowed to be below the autoselect range */
*preferred_min = (uid_t) 1;
- /* Get the minimum ID range from login.defs or default to 101 */
-- *min_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL);
+- *min_id = getdef_ulong ("SYS_UID_MIN", 101UL);
+ /* Get the minimum ID range from login.defs or default to 1 */
-+ *min_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 1UL);
++ *min_id = getdef_ulong ("SYS_UID_MIN", 1UL);
/*
* If SYS_UID_MAX is unspecified, we should assume it to be one
-diff -urpa shadow-4.8.orig/src/useradd.c shadow-4.8/src/useradd.c
---- shadow-4.8.orig/src/useradd.c 2019-12-01 17:52:32.000000000 +0100
-+++ shadow-4.8/src/useradd.c 2019-12-15 23:40:29.745000000 +0100
-@@ -96,10 +96,10 @@ const char *Prog;
- /*
- * These defaults are used if there is no defaults file.
- */
--static gid_t def_group = 100;
-+static gid_t def_group = 1000;
+diff -urpa shadow-4.15.1.orig/src/useradd.c shadow-4.15.1/src/useradd.c
+--- shadow-4.15.1.orig/src/useradd.c 2024-03-23 21:32:25.000000000 +0100
++++ shadow-4.15.1/src/useradd.c 2024-04-02 12:43:41.243157136 +0200
+@@ -93,11 +93,11 @@ static const char Prog[] = "useradd";
+ static gid_t def_group = 1000;
+ static const char *def_groups = "";
static const char *def_gname = "other";
-static const char *def_home = "/home";
--static const char *def_shell = "";
+-static const char *def_shell = "/bin/bash";
+static const char *def_home = "/home/users";
+static const char *def_shell = "/sbin/nologin";
static const char *def_template = SKEL_DIR;
- static const char *def_create_mail_spool = "no";
+ static const char *def_usrtemplate = USRSKELDIR;
+-static const char *def_create_mail_spool = "yes";
++static const char *def_create_mail_spool = "no";
+ static const char *def_log_init = "yes";
-@@ -109,7 +109,7 @@ static const char *def_expire = "";
+ static long def_inactive = -1;
+@@ -106,7 +106,7 @@ static const char *def_expire = "";
#define VALID(s) (strcspn (s, ":\n") == strlen (s))
static const char *user_name = "";
Summary(pt_BR.UTF-8): Utilitários para o arquivo de senhas Shadow
Summary(tr.UTF-8): Gölge parola dosyası araçları
Name: shadow
-Version: 4.8.1
-Release: 2
+Version: 4.15.1
+Release: 1
Epoch: 1
License: BSD
Group: Applications/System
Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/%{name}-%{version}.tar.xz
-# Source0-md5: 4b05eff8a427cf50e615bda324b5bc45
+# Source0-md5: 006b0856abd49b5e7b45b7cb78ca272a
Source2: %{name}-login.defs
Source3: %{name}.useradd
Source10: chage.pamd
Source22: userdel.pamd
Source23: usermod.pamd
Patch0: %{name}-tld.patch
-# allow names with upper case letters or containing dot in the middle
-Patch1: %{name}-goodname.patch
-Patch2: pam-login-delay.patch
+Patch1: pam-login-delay.patch
URL: https://github.com/shadow-maint/shadow
BuildRequires: acl-devel
BuildRequires: attr-devel
BuildRequires: audit-libs-devel
-BuildRequires: autoconf >= 2.64
-BuildRequires: automake >= 1:1.11
+BuildRequires: docbook-dtd45-xml
+BuildRequires: docbook-style-xsl-nons
BuildRequires: gettext-tools >= 0.12.1
+BuildRequires: itstool
%{?with_selinux:BuildRequires: libselinux-devel}
%{?with_selinux:BuildRequires: libsemanage-devel}
-BuildRequires: libtool
+BuildRequires: libxslt-progs
+BuildRequires: linux-libc-headers >= 7:4.7
BuildRequires: pam-devel
BuildRequires: tar >= 1:1.22
BuildRequires: xz
Provides: passwd
Provides: shadow-utils
Obsoletes: passwd
-Obsoletes: pwdutils
-Obsoletes: shadow-extras
-Obsoletes: shadow-utils
+Obsoletes: pwdutils < 3.3
+Obsoletes: shadow-extras < 1:4.2
+Obsoletes: shadow-utils < 1:4
Conflicts: util-linux < 2.12-10
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%package -n uidmap
Summary: Programs to help use subuids
+Summary(pl.UTF-8): Programy pomagające w stosowaniu poduidów
Group: Applications/System
Requires: setup >= 2.10.0
These programs help unprivileged users to create uid and gid mappings
in user namespaces.
+%description -n uidmap -l pl.UTF-8
+Programy z tego pakietu pomagają nieuprzywilejowanym użytkownikom
+tworzyć mapowania uidów i gidów w przestrzeniach użytkowników.
+
%prep
%setup -q
%patch0 -p1
%patch1 -p1
-%patch2 -p1
%build
# NOTE:
# - cracklib option refers to non-PAM passwd code
# - skey referes to non-PAM pw_auth/passwd_check (login, su, chfn, chsh) code
%configure \
- --bindir=%{_bindir} \
- --sbindir=%{_sbindir} \
--enable-shadowgrp \
%{?with_shared:--enable-shared --disable-static} \
--disable-silent-rules \
+ --enable-man \
--enable-subordinate-ids \
--with-acl \
--with-attr \
--with-group-name-max-length=32 \
--with-libpam \
--with-nscd \
+ --without-su \
--without-libcrack \
%{?with_selinux:--with-selinux} \
--with-sha-crypt \
> $RPM_BUILD_ROOT/etc/security/chfn.allow
> $RPM_BUILD_ROOT/etc/security/chsh.allow
-%{__rm} $RPM_BUILD_ROOT/{etc/pam.d,%{_bindir}}/{login,su}
-%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man1/{login,su}.1*
+%{__rm} $RPM_BUILD_ROOT/{etc/pam.d,%{_bindir}}/login
+%{__rm} $RPM_BUILD_ROOT%{_mandir}/*/man1/su.1*
+%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man1/login.1*
%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man3/*.3*
-# packaged in SysVinit-tools
-%{__rm} $RPM_BUILD_ROOT%{_bindir}/lastlog
-%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man8/lastlog.8*
# packaged in coreutils
%{__rm} $RPM_BUILD_ROOT%{_bindir}/groups
%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man1/groups.1*
%{__rm} $RPM_BUILD_ROOT%{_sbindir}/nologin
%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man*/nologin.8*
+# not packaged yet
+%{__rm} $RPM_BUILD_ROOT%{_includedir}/shadow/subid.h
+%{__rm} $RPM_BUILD_ROOT%{_libdir}/libsubid.a
+%{__rm} $RPM_BUILD_ROOT%{_libdir}/libsubid.la
+%{__rm} $RPM_BUILD_ROOT%{_libdir}/libsubid.so
+
%find_lang %{name}
%clean
%{?with_shared:%postun -p /sbin/ldconfig}
+%post -n uidmap -p /sbin/ldconfig
+%postun -n uidmap -p /sbin/ldconfig
+
%files -f %{name}.lang
%defattr(644,root,root,755)
-%doc ChangeLog NEWS TODO doc/{HOWTO,WISHLIST}
+%doc ChangeLog NEWS doc/HOWTO
%attr(640,root,root) %config %verify(not md5 mtime size) %{_sysconfdir}/default/useradd
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn
%lang(tr) %{_mandir}/tr/man8/userdel.8*
%lang(tr) %{_mandir}/tr/man8/usermod.8*
+%lang(uk) %{_mandir}/uk/man1/chage.1*
+%lang(uk) %{_mandir}/uk/man1/chfn.1*
+%lang(uk) %{_mandir}/uk/man1/chsh.1*
+%lang(uk) %{_mandir}/uk/man1/expiry.1*
+%lang(uk) %{_mandir}/uk/man1/gpasswd.1*
+%lang(uk) %{_mandir}/uk/man1/newgrp.1*
+%lang(uk) %{_mandir}/uk/man1/passwd.1*
+%lang(uk) %{_mandir}/uk/man1/sg.1*
+%lang(uk) %{_mandir}/uk/man5/faillog.5*
+%lang(uk) %{_mandir}/uk/man5/gshadow.5*
+%lang(uk) %{_mandir}/uk/man5/login.defs.5*
+%lang(uk) %{_mandir}/uk/man5/passwd.5*
+%lang(uk) %{_mandir}/uk/man5/shadow.5*
+%lang(uk) %{_mandir}/uk/man5/suauth.5*
+%lang(uk) %{_mandir}/uk/man8/chgpasswd.8*
+%lang(uk) %{_mandir}/uk/man8/chpasswd.8*
+%lang(uk) %{_mandir}/uk/man8/faillog.8*
+%lang(uk) %{_mandir}/uk/man8/groupadd.8*
+%lang(uk) %{_mandir}/uk/man8/groupdel.8*
+%lang(uk) %{_mandir}/uk/man8/groupmems.8*
+%lang(uk) %{_mandir}/uk/man8/groupmod.8*
+%lang(uk) %{_mandir}/uk/man8/grpck.8*
+%lang(uk) %{_mandir}/uk/man8/grpconv.8*
+%lang(uk) %{_mandir}/uk/man8/grpunconv.8*
+%lang(uk) %{_mandir}/uk/man8/logoutd.8*
+%lang(uk) %{_mandir}/uk/man8/newusers.8*
+%lang(uk) %{_mandir}/uk/man8/pwck.8*
+%lang(uk) %{_mandir}/uk/man8/pwconv.8*
+%lang(uk) %{_mandir}/uk/man8/pwunconv.8*
+%lang(uk) %{_mandir}/uk/man8/useradd.8*
+%lang(uk) %{_mandir}/uk/man8/userdel.8*
+%lang(uk) %{_mandir}/uk/man8/usermod.8*
+%lang(uk) %{_mandir}/uk/man8/vigr.8*
+%lang(uk) %{_mandir}/uk/man8/vipw.8*
+
%lang(zh_CN) %{_mandir}/zh_CN/man1/chage.1*
%lang(zh_CN) %{_mandir}/zh_CN/man1/chfn.1*
%lang(zh_CN) %{_mandir}/zh_CN/man1/chsh.1*
%defattr(644,root,root,755)
%attr(4755,root,root) %{_bindir}/newgidmap
%attr(4755,root,root) %{_bindir}/newuidmap
+%attr(755,root,root) %{_bindir}/getsubids
+%{_mandir}/man1/getsubids.1*
%{_mandir}/man1/newgidmap.1*
%{_mandir}/man1/newuidmap.1*
%{_mandir}/man5/subgid.5*
%lang(fr) %{_mandir}/fr/man1/newuidmap.1*
%lang(fr) %{_mandir}/fr/man5/subgid.5*
%lang(fr) %{_mandir}/fr/man5/subuid.5*
+%ghost %{_libdir}/libsubid.so.4
+%attr(755,root,root) %{_libdir}/libsubid.so.*.*.*
TLD / packages / shadow.git / commitdiff